Remarks 

I . Summary of Office Action 

Claims 1-4 and 8-12 were pending in the application. 

Claim 11 was objected to because of an informality. 

Claims 1, 4, and 10-12 were rejected under 35 U.S.C. § 102(e) 
as being anticipated by Taylor et al. U.S. Patent No. 6,278,885 
(hereinafter "Taylor") . 

Claims 2-3 and 8-9 were rejected under 35 U.S.C. § 103(a) as 
being obvious from Taylor in view of Yadav U.S. Patent 
Publication No. 2003/0149887 (hereinafter "Yadav"). 

The Examiner's objections to and rejections of the claims are 
hereby addressed. 

II . Examiner Interview Summary 

On October 1, 2010, the undersigned attorney for applicant 
held a telephonic interview with Examiner Khoshnoodi to discuss 
amendments to the claims proposed by the undersigned. During 
the interview, the Examiner indicated that the amendments to 
claims 1 and 4 submitted herewith overcame the novelty 
rejections of the claims pending in the Office Action. 

Applicants would like to thank the Examiner for the courtesies 
extended during the Examiner Interview. 

III. Summary of Applicants' Reply 

Applicants hereby amend claims 1, 4 and 10 to more 
particularly and clearly define applicants' claimed invention. 
Applicants hereby amend claim 11 to correct a grammatical error. 
No new matter has been added and the amendments are fully 
supported by the specification. Support for the amendments to 
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the claims can be found, for example, in the originally filed 
claims; in FIG. 6, numerals 620 and 650; in FIG. 4, step S420, 
FIG. 7, steps S701, S703, S705+S709, and FIG. 8, steps S805 and 
S807; and at page 9, paragraphs 72-73. 

The Examiner's objections to and rejections of the claims are 
hereby addressed. 

IV. The Objection to Claim 11 

Claim 11 was objected to because of an informality. 

Applicants hereby amend claim 11 to correct a grammatical 
error and properly indicate that a packet is allowed to bypass 
the firewall "if the destination port has been registered". No 
new matter has been added, and the amendment is fully supported 
by the originally filed application. 

In view of the foregoing, applicants respectfully request that 
the objection be withdrawn. 

V. The Prior-Art Rejections of the Claims 

Claims 1, 4, and 10-12 were rejected under 35 U.S.C. § 102(e) 
as being anticipated by Taylor. Claims 2-3 and 8-9 were 
rejected under 35 U.S.C. § 103(a) as being obvious from Taylor 
in view of Yadav. 

Independent claims 1, 4, and 10 are generally directed towards 

network security systems and methods for permitting trusted 

network communication programs to have server ports 

automatically registered in a firewall. The system stores a 

list of trusted programs (i.e., "permitted" programs registered 

in an "internal permitted program storage") , and allows a 

firewall flexible device to automatically register server ports 
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for the trusted programs in an internal permitted port storage. 
Once a port is registered, inbound packet traffic is allowed to 
bypass the firewall only if the destination port of a packet is 
a registered port. 

More specifically, an internal permitted program storage 
stores a list of programs permitted to have server ports 
registered by the firewall. When a network communication 
program uses a server port, a firewall flexible device 
determines whether the program is registered in the list of 
programs stored in the internal permitted program storage. If 
the program is registered in the list, an internal permitted 
port storage registers the server port. The firewall flexible 
device then blocks inbound packets whose destination ports are 
not registered in the port storage. 

Taylor describes a system and method for network access 
control using adaptive proxies. A system administrator manually 
specifies which server ports are to be registered in a 
configuration information file (col. 6, lines 4-12). When a 
connection control packet is received, a dynamic packet filter 
module (DPF) determines whether the port on which the packet was 
received is registered, and transfers information about the 
packet to a proxy only if the port is a registered port (col. 5, 
line 39, through col. 6, line 25). When a data packet is 
received, the packet is either sent to its destination if the 
packet belongs to an existing connection, or is processed 
through a transparency filter if the packet belongs to a new 
connection (col. 12, lines 20-39). 

The Office Action alleges that Taylor fully anticipates 

applicants' claimed invention. Applicants respectfully disagree 

for at least the following three reasons: 
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Firstly, applicants submit that Taylor in no way shows or 
suggests the claimed "internal permitted program storage for 
storing a list of programs permitted to have server ports 
registered by the firewall", as required by amended claims 1, 4, 
and 10. Indeed, the operation of the firewall of Taylor is in 
no way concerned with the identity of programs seeking to 
communicate through the firewall. As a result, Taylor does not 
teach or otherwise suggest an internal permitted program 
storage, or any other of means for storing a list of programs 
permitted to have server ports registered by the firewall. 

Secondly, applicants submit that Taylor in no way teaches "a 

firewall flexible device" or other device "for determining 

whether the network communication program [seeking to use a 

server port] is registered in the list of programs stored in the 

internal permitted program storage". Applicants' "firewall 

flexible device" of amended claim 1 both determines whether a 

communication program is registered in an internal permitted 

program storage (see claim 1, limitation starting with "a 

firewall flexible device..."), and determines whether a 

destination port of a packet has been registered in an internal 

permitted port storage (see claim 1, limitation starting with 

"wherein the firewall flexible device..."). While Taylor 

teaches a dynamic packet filter (DPF, 207) which determines 

whether a port on which a packet was received is registered in a 

configuration information file (col. 5, line 66, through col. 6, 

line 6), the DPF of Taylor is in no way concerned with the 

identity of programs seeking to communicate through a firewall, 

and fails to teach or otherwise suggest the claimed firewall 

flexible device for determining whether the network 

communication program is registered . 
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Finally, applicants submit that Taylor in no way shows or 
suggests "an internal permitted port storage" or other device 
for "registering the extracted information about the server port 
if [...] the network communication program [using the port] is 
registered in the list of programs stored in the internal 
permitted program storage ", as required by amended claims 1, 4 
and 10. At best, applicants submit that Taylor teaches a 
configuration information file storing information on which 
ports are registered (col. 6, lines 44-45). The configuration 
information file taught by Taylor, however, only stores ports if 
"the system administrator specifies [ . . . ] the ports [ . . . ] in the 
configuration file " (col. 6, lines 4-6). In particular, the 
configuration information file of Taylor is in no way described 
as registering ports based on the identity of particular 
programs using the ports, much less based on the identity of 
programs listed in an internal permitted program storage. 

For at least the reasons that Taylor fails to teach or suggest 

an internal permitted program storage, a firewall flexible 

device, or an internal permitted port storage in accordance with 

amended claim 1, applicants submit that claim 1 is novel and 

non-obvious. For at least the reasons that Taylor fails to 

teach or suggest storing a list of programs permitted to have 

server ports registered, determining whether a network 

communication program is registered in a stored list of 

programs, and registering information about a port if a 

particular program is registered in the program list, applicants 

submit that amended claims 4 and 10 are novel and non-obvious. 

Claims 2-3, 8, 9, 11, and 12, which each depend from one of 

claims 1 and 4, are novel at least because they depend from 

allowable claims. In view of the foregoing, applicants 
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respectfully request that the rejection of claims 1-4 and 8-12 
be withdrawn. 



VI . Conclusion 

The foregoing demonstrates that claims 1-4 and 8-12 are 
allowable. This application is therefore in condition for 
allowance. Reconsideration and allowance are accordingly 
respectfully requested. 



Respectfully submitted. 



Date; October 4, 2010 By; /Jae Y. Park/ 

JAE Y. PARK 
Reg. No. ; 62,629 
Attorney for applicants 

Kile, Park, Goekjian, Reed & McManus, PLLC 
1200 New Hampshire Avenue NW, Suite 570 
Washington, DC 20036 
Tel. No. : 202-263-0809 
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